package cn.dlc.com.filter;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @author 邓立川
 * @date 2021/11/28 15:18
 * @desc 当前类的描述信息
 */
public class TokenAuthenticationFilter extends BasicAuthenticationFilter {

    private AuthenticationManager authenticationManager;

    public TokenAuthenticationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain chain) throws IOException, ServletException {
        // 获取到请求头里面的东西
        String header = request.getHeader("json-token");

        System.out.println("sdfsdfsdfsdfsdfsdf");

        if(StringUtils.isNotBlank(header)) {
            JSONObject jsonObject = JSON.parseObject(header);

            // 获取到用户名
            String principal = jsonObject.getString("principal");
            JSONArray authorities = jsonObject.getJSONArray("authorities");
            // 获取到权限
            String[] authorityArr = authorities.toArray(new String[authorities.size()]);

            System.out.println("principal: " + principal);

            // 验证用户
            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, null, AuthorityUtils.createAuthorityList(authorityArr));

            token.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
            // 保存到上下文
            SecurityContextHolder.getContext().setAuthentication(token);

        }
        chain.doFilter(request, response);
    }
}
/*
public class TokenAuthenticationFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {

        // 获取到请求头里面的东西
        String header = httpServletRequest.getHeader("json-token");

        System.out.println("sdfsdfsdfsdfsdfsdf");

        if(StringUtils.isNotBlank(header)) {
            JSONObject jsonObject = JSON.parseObject(header);

            // 获取到用户名
            String principal = jsonObject.getString("principal");
            JSONArray authorities = jsonObject.getJSONArray("authorities");
            // 获取到权限
            String[] authorityArr = authorities.toArray(new String[authorities.size()]);

            System.out.println("principal: " + principal);

            // 验证用户
            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, null, AuthorityUtils.createAuthorityList(authorityArr));

            token.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
            // 保存到上下文
            SecurityContextHolder.getContext().setAuthentication(token);

        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);

    }
}
*/
